GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

67 advisories

Central Dogma's Login Function Has an Open Redirect Vulnerability (Severity: Moderate)
CVE-2025-11222 was published for com.linecorp.centraldogma:centraldogma-server-auth-shiro (Maven) Dec 4, 2025
Credited to minwoox
Open redirect in Apache Shiro (Severity: Moderate)
CVE-2023-46750 was published for org.apache.shiro:shiro-web (Maven) Dec 14, 2023
Liferay Portal is vulnerable to DNS rebinding attacks (Severity: Moderate)
CVE-2025-62266 was published for com.liferay.portal:release.portal.bom (Maven) Oct 30, 2025
Liferay Portal Vulnerable to Open Redirect via the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_redirect parameter (Severity: Moderate)
CVE-2025-62253 was published for com.liferay:com.liferay.layout.admin.web (Maven) Oct 27, 2025
WSO2 is vulnerable to Open Redirect through multi-option URL in its authentication endpoint (Severity: Moderate)
CVE-2024-1440 was published for org.wso2.carbon.identity.framework:org.wso2.carbon.identity.application.authentication.endpoint.util (Maven) Jun 2, 2025
Liferay Portal's System, Instance and Site Settings are vulnerable to Open Redirect (Severity: Moderate)
CVE-2025-43795 was published for com.liferay:com.liferay.configuration.admin.web (Maven) Sep 12, 2025
Liferay Portal allows open redirect in /c/portal/edit_info_item parameter redirect (Severity: Moderate)
CVE-2025-43767 was published for com.liferay:com.liferay.info.impl (Maven) Aug 23, 2025
Liferay Portal and Liferay DXP Vulnerable to Open Redirect via the Layout Module (Severity: Moderate)
CVE-2023-35029 was published for com.liferay.portal:release.dxp.bom (Maven) Jun 15, 2023
Apache Tomcat Open Redirect vulnerability (Severity: Moderate)
CVE-2023-41080 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Aug 25, 2023
Credited to cdupuis
Liferay Portal and Liferay DXP's HtmlUtil.escapeRedirect Can Be Circumvented via Two Forward Slashes (Severity: Moderate)
CVE-2024-25609 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 20, 2024
Liferay Portal and Liferay DXP's HtmlUtil.escapeRedirect Can Be Circumvented via Replacement Character (Severity: Moderate)
CVE-2024-25608 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 20, 2024
Liferay Vulnerable to Open Redirect via Adaptive Media Administration Page (Severity: Moderate)
CVE-2023-44308 was published for com.liferay:com.liferay.adaptive.media.web (Maven) Feb 20, 2024
Liferay Portal and Liferay DXP Vulnerable to Open Redirect in Countries Management's Edit Region Page (Severity: Moderate)
CVE-2023-5190 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 20, 2024
Liferay Portal and Liferay DXP HtmlUtil.escapeRedirect Can Be Circumvented (Severity: Moderate)
CVE-2022-28977 was published for com.liferay.portal:com.liferay.util.java (Maven) Sep 23, 2022
Apache Druid vulnerable to Server-Side Request Forgery, Cross-site Scripting, Open Redirect (Severity: Moderate)
CVE-2025-27888 was published for org.apache.druid:druid (Maven) Mar 20, 2025
XXL SSO is vulnerable to an Open Redirect through malicious manipulation of the redirect_url argument (Severity: Low)
CVE-2025-6701 was published for com.xuxueli:xxl-sso (Maven) Jun 26, 2025
Liferay Portal and Liferay DXP Allows Arbitrary Redirect of Users to External URLs (Severity: Moderate)
CVE-2021-33331 was published for com.liferay.portal:release.dxp.bom (Maven) May 24, 2022
org.xwiki.platform:xwiki-platform-wysiwyg-api Open Redirect vulnerability (Severity: Moderate)
CVE-2025-32970 was published for org.xwiki.platform:xwiki-platform-wysiwyg-api (Maven) Apr 29, 2025
Jenkins affected by Open Redirect Vulnerability (Severity: High)
CVE-2016-3726 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Jenkins affected by Open Redirect Vulnerability (Severity: Low)
CVE-2012-6073 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Jenkins Open Redirect vulnerability (Severity: Moderate)
CVE-2025-27625 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 6, 2025
Spring Web vulnerable to Open Redirect or Server Side Request Forgery (Severity: High)
CVE-2024-22243 was published for org.springframework:spring-web (Maven) Feb 23, 2024
Credited to yoshizawa-masatoshi
Spring Framework URL Parsing with Host Validation Vulnerability (Severity: High)
CVE-2024-22259 was published for org.springframework:spring-web (Maven) Mar 16, 2024
Credited to yoshizawa-masatoshi
Spring Framework URL Parsing with Host Validation (Severity: High)
CVE-2024-22262 was published for org.springframework:spring-web (Maven) Apr 16, 2024
General OpenMRS Security Advisory, January 2025: Penetration Testing Results and Patches (Severity: Critical)
GHSA-vpxm-cr3r-pjp9 was published for org.openmrs.module:addresshierarchy (Maven) Jan 30, 2025
Credited to slubwama and mseaton